Featured in DevOps

Adin Scannell talks about gVisor - a container runtime that implements the Linux kernel API in userspace using Go. He talks about the architectural challenges associated with userspace kernels, the positive and negative experiences with Go as an implementation language, and finally, how to ensure API coverage and compatibility.

Cloudflare Add WebAssembly Support and Key Value Store for CDN "Workers" Deployed at the Edge

Cloudflare recently announced two additional capabilities for their "serverless" Workers: support for WebAssembly as an alternative to JavaScript, and a key-value store called Workers KV. WebAssembly will allow Workers to be written in compiled languages such as C, C++, Rust and Go. Workers KV provides an eventually consistent state storage mechanism hosted across Cloudflare's global network of over 150 data centres.

WebAssembly (or WASM) has been developed by W3C to provide a faster (to parse and execute) and more compact alternative to JavaScript, and found its way into mainstream browsers at the end of 2017. It implements an abstract structured stack machine, with an intermediate bytecode representation. The promise is that code can be written in (or reused from) a variety of compiled languages by simply compiling it into .wasm files. The reality at present is that tool chain support for .wasm is still immature, with Cloudflare's demo repository containing links to 'Build lld from source' in the 'How to build' section. Cloudflare also take pains to point out that WebAssembly 'is not always the right tool for the job', going on to explain when it is most suited:

For lightweight tasks like redirecting a request to a different URL or checking an authorization token, sticking to pure JavaScript is probably both faster and easier than WASM. WASM programs operate in their own separate memory space, which means that it's necessary to copy data in and out of that space in order to operate on it. Code that mostly interacts with external objects without doing any serious "number crunching" likely does not benefit from WASM.

On the other hand, WASM really shines when you need to perform a resource-hungry, self-contained operation, like resizing an image, or processing an audio stream. These operations require lots of math and careful memory management. While it's possible to perform such tasks in pure JavaScript — and engines like V8 have gone to impressive lengths to optimize such code — in the end nothing beats a compiled language with static types and explicit allocation.

In its Building With Workers KV blog post, Cloudflare provides a number of examples for what can be done with the technology. These include implementing an API Gateway that uses access tokens, dynamic data in pages (e.g. for translations), configuration such as feature flags, and stateful cloud functions. They also detail limits and pricing:

Up to 1 billion keys per namespace

Keys of up to 2 kB

Values of up to 64 kB

Eventually consistent, global consistency within 10 seconds

100k+ reads per second per key

Up to one write per second per key

$5 monthly Workers compute minimum includes 1 GB of KV storage and up to 10 million KV reads. If you use less than the 10 million included Worker requests now, you can use KV without paying a single cent more.

Beyond the minimums, Workers KV is billed at $0.50 per GB-month of additional storage and $0.50 per million additional KV reads.

Cloudflare compares Workers to Amazon's Lambda functions, though possibly a fairer comparison would be Lambda@Edge, which runs functions in the AWS CloudFront Content Delivery Network (CDN). In both cases the services are providing a third place (at the edge of a global CDN) to do processing so that it doesn't have to take place in the browser (or API client) or at the origin. The purpose of such edge hosting is to provide low latency by having points of presence close to the client, whilst at the same time taking the compute overhead (and accompanying security concerns) away from the client. By enabling stateful services Cloudflare has opened up the possibility of 'originless' services that exist purely at the edge with no centralised point of origin.

Prior to the announcement of Workers support for WebAssembly, Cloudflare's CEO Matthew Prince tweeted, 'Long term, it may well be the biggest industry-changing announcement we've made all month.' Given the pressure other Functions as a Service (FaaS) platforms have come under to provide polyglot language support WebAssembly might turn out to be an easy way to keep developers happy; so long as today's tool chain issues erode under the pressure of broader adoption.